And the other way, too. The whole reason why Android chose Java was because it was, at the time, one of the better languages and runtimes for creating hardware-agnostic software. Now that a software ecosystem is in place, why should Google be able to control what hardware the already-written software runs on?
Ah yeah. Plus apparently Android’s default SELinux configuration blocks this separately, as well.
Android doesn’t have su, which this proof of concept exploit requires. Although rooted Android does, so in theory malware written for rooted Android could escalate to root privileges.
Also, the underlying vulnerabilities might be exploitable without su but I don’t fully understand the AF_ALG and authencesn bug limits things, or what other executables can escalate privileges.
This is really, really cool. Makes you appreciate just how much this team does for reverse engineering what should be normally documented hardware.
For your specific example, Dominos still does 100% of its own delivery, even when ordered through a third party app. When you order Dominos through Doordash, the person who shows up is a Dominos franchise employee wearing a Dominos uniform. Domino’s was exclusively first party delivery up until 2023, when they partnered with Uber Eats under this framework (we’ll let your app access our stores if we still handle the delivery itself), and they added Doordash this month and are currently rolling it out to all locations.
The website could know whether the username actually exists on the system. But revealing that information is a security weakness because someone could at least learn who has an account at that site (especially if usernames are email addresses, as they often are).
According to your POV here, companies can claim whatever and it’s my job now to figure out if they are lying or to what extent.
No, the actual claims here, that describe specific bugs in specific software, can be evaluated. Even without whipping out a test environment to try to reproduce the results with your own proof of concept, you can read the text and evaluate whether the claims make sense on their face.
a broken clock is never right, reality momentarily aligns with it, which is a completely different thing
And that’s why the substance of a statement matters. I don’t believe in the supernatural, so if someone says “I’m a psychic and the missing girl on the news is in a shed near the water,” that doesn’t register with me at all. But if that person says “I’m a psychic and the missing girl is in a shed at 1234 Main Street” that raises eyebrows because it is easily falsifiable. And if the person says “I’m a psychic and the missing girl is in a shed, so I looked and found her and reported it to the cops, and here’s a cryptographic hash of my description of how I found her, which I’ll publish once the cops confirm she’s safe” that’s gonna be a much more serious statement. Even if I don’t believe that the person actually is a psychic, I can pay attention to how the whole thing played out because the person claims serious non-psychic validation of the results, and the results themselves are important entirely externally from the claim of whether psychics have powers.
This is a story about several cybersecurity vulnerabilities, some of which sound medium or high severity in very commonly used software. That’s important in itself, outside of AI mattering at all. And if they claim to have the receipts in a falsifiable way, that’s the kind of thing that shows a high degree of confidence in the genuineness of what was found.
I don’t give a shit about AI and I’m generally a skeptic of the future of any of these AI companies. But if someone uses AI tools to discover something new in the subjects that I do care about, like cybersecurity, then I’ll pay attention to the results and what they publish in that field.
This is really a corporate problem of their own making and their responsibility to fix. They have lied so much, I do not owe then a single iota of trust.
The statements can stand for themselves, evaluated on the merits of the claims, regardless of authorship. That’s how these things should work. Someone who has a great history of finding vulnerabilities still has to stand by each exploit/proof of concept they write, on its own merits. On the flip side, the corollary to the adage that a broken clock is still right twice a day is that you can’t just say “oh the broken clock said this so I can ignore it.”
Do you really think any of them would post something like “yeah, we found a vulnerability but it’s basically a typo that could not be seriously exploited”?
The blog post literally describes exactly that, for ffmpeg. And several of the other described vulnerabilities sound like they’re in that category of “here’s a bug but we didn’t find an exploit.”
Simply refusing to engage with these big claims just because of the source is an irresponsible way to approach cybersecurity.
even if the whole scenario is real, it may not have the intervention of Ai they are claiming
…who cares? If it’s a real bug and a real PR addressing the bug, why does authorship or methodology matter?
It’s just the ad hominem fallacy (or the close relative, appeal to authority). Let the actual substance stand and fall on its merits. Read the described vulnerabilities and exploits and decide whether you think those need to be patched and how critical/severe the bugs/vulnerabilities are.
And maybe your priorities are different from mine, but the core of the claim (we found some vulnerabilities) trigger a responsibility to address them (confirm and patch). I don’t care about marketing or corporate interests or whatever in those circumstances, I’m just focused on fixing problems that have been found.
Yes I understand, but I’m also putting the direct claims right there, not filtered through Anthropic’s PR or an article from the IT industry press interpreting those PR statements.
These are real CVEs that have actually been submitted to the code maintainers for both FOSS and closed source software that is foundational to the computing world. Some of them are published in this post. And many more are simply described with a hash of the full writeup indicating that they have it written out and are waiting for the patches to be applied. I’m especially interested in the Virtual Machine Monitor and the exploits for jumping out of browser sandboxes for “all major browsers.”
Some of the published CVEs in the blog post seem pretty serious, especially the FreeBSD remote root access for devices running NFS. The OpenBSD one is a critical DOS vector, and the FFMPEG one is just a bug that doesn’t seem to actually expose the software to any practical exploits but should still be patched.
But they’ve staked it out with their public disclosure of the hashes and a description of a few of the problems. These are big bold claims that are provided in a format that will be easily falsifiable in due time. And treating it as just marketing fluff ignores the shades of gray that actually apply to corporate claims.
The security blog writeup is here:
https://red.anthropic.com/2026/mythos-preview/
They’ve described several patched CVEs and disclosed the hashes of writeups that are currently undergoing the responsible disclosure process.
It lists quite a few, so I’ll be checking back when the vulnerabilities/exploits are patched and disclosed.
Is it that much harder than remembering that some emojis now map onto secondary meanings, like 🍆 meaning penis and 💀 meaning “I find this to be very funny”? Or even the primary meanings of emojis, where you’d totally understand what someone is saying when they type ✈️🇯🇵🍣🍜?
The difficulty comes from the sheer number of them, but human communication is full of things where meaning comes from non-alphabetical symbols.
Jevon’s Paradox is that when there’s more of a resource to consume, humans will consume more resource rather than make the gains to use the resource better.
More specifically, it’s when an improvement in efficiency cause the underlying resource to be used more, because the efficiency reduces cost and then using that resource becomes even more economically attractive.
So when factories got more efficient at using coal in the 19th century, England saw a huge increase in coal demand, despite using less coal for any given task.
Chromium is basically Tyrone Biggums asking if y’all got any more of that RAM, so bundling that into Electron is gonna lead to the same behavior.
Every radio band is subject to their own rules.
Wi-Fi and Bluetooth transmit on frequencies that are “license by rule,” where the FCC license to transmit is granted to everyone who follows the Part 15 rules about the technical details. So nobody needs a separate license to use wifi or Bluetooth, and the devices themselves are only subject to certain technical restrictions, like maximum transmit power and the like.
Ham radios transmit on bands that allow for a license for anyone who can pass the test and pay the fee.
Cell phones operate on frequencies and bands that have much stricter licensing rules, and the devices are certified to follow the technical rules under pretty much all circumstances. They go through much more thorough testing than the radios capable of transmitting on amateur bands or license by rule bands.
I liken it to a professional basketball player with a low free throw percentage. If they’re still on the team and in the league despite missing 3 free throws a game, they must be really good at the other stuff.
It’s not feasible for a mass market consumer product like Starlink.
Why not? That’s a service designed to serve millions of simultaneous users from nearly 10,000 satellites. These systems have to be designed to be at least somewhat resistant to unintentional interference, which means it is usually quite resistant to intentional jamming.
Any modern RF protocol is going to use multiple frequencies, timing slots, and physical locations in three dimensional space.
And so the reports out of Iran is that Starlink service is degraded in places but not fully blocked. It’s a cat and mouse game out there.
I’d think that there are practical limits to jamming. After all, jamming doesn’t just make radio impossible, it just makes the transmitter and receiver need to get closer together (so that their signal strength in that shorter distance is strong enough to overcome the jamming from further away). Most receivers filter out the frequencies they’re not looking for, so any jammer will need to actually be hitting that receiver with that specific frequency. And many modern antenna arrays rely on beamforming techniques less susceptible to unintentional interference or intentional jamming that is coming from a different direction than where it’s looking. Even less modern antennas can be heavily directional based on the physical design.
If you’re trying to jam a city block, with a 100m radius, of any and all frequencies that radios use, that’s gonna take some serious power. Which will require cooling equipment if you want to keep it on continuously.
If you’re trying to jam an entire city, though, that just might not be practical to hit literally every frequency that a satellite might be using.
I don’t know enough about the actual power and equipment requirements, but it seems like blocking satellite communications between satellites you don’t control and transceivers scattered throughout a large territory is more difficult than you’re making it sound.
In terms of usage of AI, I’m thinking “doing something a million people already know how to do” is probably on more secure footing than trying to go out and pioneer something new. When you’re in the realm of copying and maybe remixing things for which there are lots of examples and lots of documentation (presumably in the training data), I’d bet large language models stay within a normal framework.
Joke’s on him, I’m putting my website at 305.domain.tld.
Yeah if I were starting now I’d be looking at jellyfin. But I paid the lifetime plex pass, and inertia/laziness what it is, so I haven’t found a reason to actually switch yet.